1. Field of the Invention
The present invention relates to the field of trusted and secure computing systems, and more particularly to securely backing up and restoring data using mass storage devices.
2. Description of the Related Art
With the advent of computer systems, there has always existed a need to transport, backup, or restore data. In the 1960's, IBM invented the forerunner of current removable media, the floppy disk. At first, the floppy disk was a read only disk with a large eight-inch form factor. Eventually, the floppy disk was adapted to be writable as well as readable, and the form factor shrunk to the common day 3-½ inch form factor. The floppy disk was a popular choice for removable media because of portability and cost. However, the floppy disk was never popular for backing up and restoring data due to the small data capacity (approximately 1.4 MB).
In order to transport or backup and restore any significant amount of data, a storage device other than a floppy disk is needed. One such device that offers higher data capacities is a tape drive. The tape drive, like the floppy disk, is an electromagnetic storage device that can store many gigabytes, even terabytes, of data. The tape drive is an ideal solution for corporations, but for the individual business or home user the tape drive is not practical. This is due in part to the hardware required to utilize a tape drive. Alternatively, many have turned to optical disks such as CD's or DVD's to store data. Optical disks offer large data capacities, currently ranging from 700 MB to 8.7 GB, and optical disks offer portability. However, just as with the tape drive, optical disks require specialized hardware in order to write data to the disk.
An alternative solution to backing up and restoring data is a flash memory based Universal Serial Bus (USB) drive. USB drives are commonly known as USB mass storage devices, and are available in many different form factors. A popular form factor is the keychain drive. These devices are small, often one to two inches in length, highly portable and currently have data capacities of up to 2 GB. Since desktop and portable computers generally have multiple USB ports, no proprietary hardware is required to use a USB drive.
All of the above discussed removable media are viable solutions depending upon the situation. However, with the portability of removable media comes the increased risk of losing the storage device that may contain highly sensitive data. While many removable media manufacturers have made individual strides towards increasing security by adding “smart cards” or embedded security chips to their new models, the lack of a concerted effort by the removable media industry to develop security technology could prevent the evolution of this technology in a consistent and compatible way between manufacturers.
One current solution to this problem is to password encrypt the data on the removable media device. The password, however, does not prevent the removable media device, such as a USB drive, to be used in multiple systems. For example, assume a business traveler loses a USB drive in the airport, and a person retrieves the USB drive. Commonly available password breaking tools will allow a person to potentially retrieve the data from the USB drive. Additionally, people may forget passwords, and then the data becomes lost in the sense that a person may never be able to access the encrypted data again. What is needed is a system, method, and apparatus that only allows data stored on removable media to be accessed on the system that created the data, and thereby negates the need of user-interaction.
An open alliance between major manufacturers was formed to develop and propose a standard that would adopt hardware and software technologies to strengthen security at the system or platform level. The open alliance, formerly known as the Trusted Computing Platform Alliance (TCPA) (currently referred to as the Trusted Computing Group (TCG) but will be referred to herein as the TCPA), has proposed a standard including new hardware, BIOS and operating system specifications so manufacturers can provide a more trusted and secure PC platform based on common industry standards, the details of which are provided in the TCPA PC Specific Implementation Specification, 1.00 RC1 (Aug. 16, 2001) (http://www.trustedcomputinggroup.org), hereby incorporated by reference.
The alliance has successfully created a cryptographic module generally called a Trusted Platform Module (TPM). However, no method or apparatus exists to interface removable media devices with the TPM in order to take advantage of the cryptographic capabilities of the TPM. What are needed is a process, apparatus, and system that interface a removable media storage device with the TPM. Beneficially, such a process, apparatus, and system would allow secure backup and restore of data only on the system that created the data.